Abstract: Access control models such as DAC, MAC, RBAC, TBAC, TMAC and Or-BAC do not permit the definition of security policies that control the activities of a super-user or Database Administrator (DBA). Moreover, the super-user has more rights and powers over the information system's resources than his or her hierarchical superiors. This paradox exposes the organisation to attacks targeting the information system. We propose the concept of an electronic signature book, based on an extension of the Or-BAC model that we developed and called HOr-BAC, to specify security policies capable of solving this problem of controlling super-user activities. We implemented this concept in the PostgreSQL database management system and used it successfully to control super-user activities in a bank information system.
Keywords: access control model, hierarchical organization, operational unit, administrative unit, computer as information system, request, validation, treatment mode, electronic signature book.
Title: HOr-BAC : An access control based on hierarchical Organizational
Authors: Benoît Martin AZANGUEZET QUIMATIO, Laure Pauline FOTSO
International Journal of Computer Science and Information Technology Research
ISSN 2348-120X (online), ISSN 2348-1196 (print)
Research Publish Journals